Dsearch: Fix taint-handling in lookup. Bug 2465

[exim.git] / src / src / string.c

diff --git a/src/src/string.c b/src/src/string.c
index ced1ad8c78bfe71236b67242708ab82619fd799c..007ec877ef5d1c491527e210ab2b8e778ab283ba 100644 (file)
--- a/src/src/string.c
+++ b/src/src/string.c
@@ -664,7 +664,7 @@ return yield;
 *************************************************/
 
 /* The formatting is done by string_vformat, which checks the length of
-everything.
+everything.  Taint is taken from the worst of the arguments.
 
 Arguments:
   format    a printf() format - deliberately char * rather than uschar *